Search Results

Search found 3942 results on 158 pages for 'logged'.

Page 132/158 | < Previous Page | 128 129 130 131 132 133 134 135 136 137 138 139  | Next Page >

• Session hijacking prevention...how far will my script get me? additional prevention procedures?

  - by Yusaf Khaliq

  When the user logs in the current session vairables are set $_SESSION['user']['timeout'] = time(); $_SESSION['user']['ip'] = $_SERVER['REMOTE_ADDR']; $_SESSION['user']['agent'] = $_SERVER['HTTP_USER_AGENT']; In my common.php page (required on ALL php pages) i have used the below script, which resets a 15 minute timer each time the user is active furhtermore checks the IP address and checks the user_agent, if they do not match that as of when they first logged in/when the session was first set, the session is unset furthermore with inactivity of up to 15 minutes the session is also unset. ... is what i have done a good method for preventing session hijacking furthermore is it secure and or is it enough? If not what more can be done? if(!empty($_SESSION['user'])){ if ($_SESSION['user']['timeout'] + 15 * 60 < time()) { unset($_SESSION['user']); } else { $_SESSION['user']['timeout'] = time(); if($_SESSION['user']['ip'] != $_SERVER['REMOTE_ADDR']){ unset($_SESSION['user']); } if($_SESSION['user']['agent'] != $_SERVER['HTTP_USER_AGENT']){ unset($_SESSION['user']); } } }

  Read the article

• HTTP POST prarameters order / REST urls

  - by pq

  Let's say that I'm uploading a large file via a POST HTTP request. Let's also say that I have another parameter (other than the file) that names the resource which the file is updating. The resource cannot be not part of the URL the way you can do it with REST (e.g. foo.com/bar/123). Let's say this is due to a combination of technical and political reasons. The server needs to ignore the file if the resource name is invalid or, say, the IP address and/or the logged in user are not authorized to update the resource. Looks like, if this POST came from an HTML form that contains the resource name first and file field second, for most (all?) browsers, this order is preserved in the POST request. But it would be naive to fully rely on that, no? In other words the order of HTTP parameters is insignificant and a client is free to construct the POST in any order. Isn't that true? Which means that, at least in theory, the server may end up storing the whole large file before it can deny the request. It seems to me that this is a clear case where RESTful urls have an advantage, since you don't have to look at the POST content to perform certain authorization/error checking on the request. Do you agree? What are your thoughts, experiences?

  Read the article

• Outgoing UDP sniffer in python?

  - by twneale

  I want to figure out whether my computer is somehow causing a UDP flood that is originating from my network. So that's my underlying problem, and what follows is simply my non-network-person attempt to hypothesize a solution using python. I'm extrapolating from recipe 13.1 ("Passing Messages with Socket Datagrams") from the python cookbook (also here). Would it possible/sensible/not insane to try somehow writing an outgoing UDP proxy in python, so that outgoing packets could be logged before being sent on their merry way? If so, how would one go about it? Based on my quick research, perhaps I could start a server process listening on suspect UDP ports and log anything that gets sent, then forward it on, such as: import socket s =socket.socket(socket.AF_INET, socket.SOCK_DGRAM) s.bind(("", MYPORT)) while True: packet = dict(zip('data', 'addr'), s.recvfrom(1,024)) log.info("Recieved {data} from {addr}.".format(**packet)) But what about doing this for a large number of ports simultaneously? Impractical? Are there drawbacks or other reasons not to bother with this? Is there a better way to solve this problem (please be gentle).

  Read the article

• Django m2m form appearing fields

  - by dana

  I have a classroom application,and a follow relation. Users can follow each other and can create classrooms.When a user creates a classroom, he can invite only the people that are following him. The Classroom model is a m2m to User table. i have in models. py: class Classroom(models.Model): creator = models.ForeignKey(User) classname = models.CharField(max_length=140, unique = True) date = models.DateTimeField(auto_now=True) open_class = models.BooleanField(default=True) members = models.ManyToManyField(User,related_name="list of invited members") and in models.py of the follow application: class Relations(models.Model): initiated_by = models.ForeignKey(User, editable=False) date_initiated = models.DateTimeField(auto_now=True, editable = False) follow = models.ForeignKey(User, editable = False, related_name = "follow") date_follow = models.DateTimeField(auto_now=True, editable = False) and in views.py of the classroom app: def save_classroom(request, username): if request.method == 'POST': u = User.objects.get(username=username) form = ClassroomForm(request.POST, request.FILES) if form.is_valid(): new_obj = form.save(commit=False) new_obj.creator = request.user r = Relations.objects.filter(initiated_by = request.user) # new_obj.members = new_obj.save() return HttpResponseRedirect('.') else: form = ClassroomForm() return render_to_response('classroom/classroom_form.html', { 'form': form, }, context_instance=RequestContext(request)) i'm using a ModelForm for the classroom form, and the default view, taking in consideration my many to many relation with User table, in the field Members, is a list of all Users in my database. But i only want in that list the users that are in a follow relationship with the logged in user - the one who creates the classroom. How can i do that? Thanks!

  Read the article

• Django + jQuery: Sometimes AJAX, but always DRY?

  - by Justin Myles Holmes

  Let's say I have an app (in Django) for which I want to sometimes (but not always) load content via ajax. An easy example is logging in. When the user logs in, I don't want to refresh the page, just change things around. Yet, if they are already logged in, and then arrive at (or refresh) the same page, I want it to show the same content. So, in the first case, obviously I do some sort of ajax login and load changes to the page accordingly. Easy enough. But what about in the second case? Do I go back through and add {% if user.authenticated %} all over the place? This seems cold, dark, and WET. On the other hand, I can just wrap all the ajaxy stuff in a javascript function, called loggedIn(), and run that if the user is authenticated. But then I'm faced with two http requests instead of one. Also undesirable. So what's the standard solution here?

  Read the article

• How can I write System preferences with Java? Can I invoke UAC?

  - by Jonas

  How can I write system preferences with Java, using Preferences.systemRoot()? I tried with: Preferences preferences = Preferences.systemRoot(); preferences.put("/myapplication/databasepath", pathToDatabase); But I got this error message: 2010-maj-29 19:02:50 java.util.prefs.WindowsPreferences openKey VARNING: Could not open windows registry node Software\JavaSoft\Prefs at root 0x80000002. Windows RegOpenKey(...) returned error code 5. Exception in thread "AWT-EventQueue-0" java.lang.SecurityException: Could not open windows registry node Software\JavaSoft\Prefs at root 0x80000002: Access denied at java.util.prefs.WindowsPreferences.openKey(Unknown Source) at java.util.prefs.WindowsPreferences.openKey(Unknown Source) at java.util.prefs.WindowsPreferences.openKey(Unknown Source) at java.util.prefs.WindowsPreferences.putSpi(Unknown Source) at java.util.prefs.AbstractPreferences.put(Unknown Source) at biz.accountia.pos.install.Setup$2.actionPerformed(Setup.java:43) I would like to do this, because I want to install an embedded JavaDB database, and let multiple users on the computer to use the same database with the application. How to solve this? Can I invoke UAC and do this as Administrator from Java? And if I log in as Administrator when writing, can I read the values with my Java application if I'm logged in as a User?

  Read the article

• how to retrive pK using spring security

  - by aditya

  i implement this method of the UserDetailService interface, public UserDetails loadUserByUsername(final String username) throws UsernameNotFoundException, DataAccessException { final EmailCredential userDetails = persistentEmailCredential .getUniqueEmailCredential(username); if (userDetails == null) { throw new UsernameNotFoundException(username + "is not registered"); } final HashSet<GrantedAuthority> authorities = new HashSet<GrantedAuthority>(); authorities.add(new GrantedAuthorityImpl("ROLE_USER")); for (UserRole role:userDetails.getAccount().getRoles()) { authorities.add(new GrantedAuthorityImpl(role.getRole())); } return new User(userDetails.getEmailAddress(), userDetails .getPassword(), true, true, true, true, authorities); } in the security context i do some thing like this <!-- Login Info --> <form-login default-target-url='/dashboard.htm' login-page="/login.htm" authentication-failure-url="/login.htm?authfailed=true" always-use-default-target='false' /> <logout logout-success-url="/login.htm" invalidate-session="true" /> <remember-me user-service-ref="emailAccountService" key="fuellingsport" /> <session-management> <concurrency-control max-sessions="1" /> </session-management> </http> now i want to pop out the Pk of the logged in user, how can i show it in my jsp pages, any idea thanks in advance

  Read the article

• Modifying my website to allow anonymous comments

  - by David

  I write the code for my own website as an educational/fun exercise. Right now part of the website is a blog (like every other site out there :-/) which supports the usual basic blog features, including commenting on posts. But I only have comments enabled for logged-in users; I want to alter the code to allow anonymous comments - that is, I want to allow people to post comments without first creating a user account on my site, although there will still be some sort of authentication involved to prevent spam. Question: what information should I save for anonymous comments? I'm thinking at least display name and email address (for displaying a Gravatar), and probably website URL because I eventually want to accept OpenID as well, but would anything else make sense? Other question: how should I modify the database to store this information? The schema I have for the comment table is currently comment_id smallint(5) // The unique comment ID post_id smallint(5) // The ID of the post the comment was made on user_id smallint(5) // The ID of the user account who made the comment comment_subject varchar(128) comment_date timestamp comment_text text Should I add additional fields for name, email address, etc. to the comment table? (seems like a bad idea) Create a new "anonymous users" table? (and if so, how to keep anonymous user ids from conflicting with regular user ids) Or create fake user accounts for anonymous users in my existing users table? Part of what's making this tricky is that if someone tries to post an anonymous comment using an email address (or OpenID) that's already associated with an account on my site, I'd like to catch that and prompt them to log in.

  Read the article

• Div click and AUTOCOMPLETE password dialog problem

  - by ticky

  And what if you want to autocomplete passwords? I am using similar thing here... I am using Div (id=loginButton) and it has some image - I don't want button control in MVC application (), neither image button. I have hidden input control which is hidden button actually (id=submit_btn). So, on div's (id=loginButton) click, I want to call hidden input control (id=submit_btn) and it's submit action. HTML: <div id="loginButton" > </div> <input type="submit" style="display:none" name="submit" id="submit_btn" /> And JQuery: $(document).ready(function() { $('#loginButton').click(function() { $('#LoginForm').submit(); }); $("form[action$='HandleLoginForm']").submit(function() { Login(); return false; }); return false; }); Function Login() is working with Ajax, without downloading file dialog, but I need also auto complete passwords dialog. function Login() { var urlData = $("#LoginForm").serialize(); if (returnUrl != "") { urlData = $("#LoginForm").serialize() + "&returnUrl=" + returnUrl; } $.ajax({ url: $("#LoginForm").attr("action"), type: "POST", data: urlData, dataType: "json", success: function(result) { if (result.Content != null) { if (result.Valid) { window.location = result.Content.toString(); } else { document.body.innerHTML = result.Content.toString(); } } } }); return false; } It is easy when you use only <input type="submit"> instead of DIV. Form knows that it is for auto completing passwords, but if I use div and force hidden button click like in the code from below, it doesn't show autocomplete password dialog. $('#submit_btn').click(); It will not work. User is logged in, but no reminding for browser to store password. I need this.

  Read the article

• Network Authentication when running exe from WMI

  - by Andy

  Hi, I have a C# exe that needs to be run using WMI and access a network share. However, when I access the share I get an UnauthorizedAccessException. If I run the exe directly the share is accessible. I am using the same user account in both cases. There are two parts to my application, a GUI client that runs on a local PC and a backend process that runs on a remote PC. When the client needs to connect to the backend it first launches the remote process using WMI (code reproduced below). The remote process does a number of things including accessing a network share using Directory.GetDirectories() and reports back to the client. When the remote process is launched automatically by the client using WMI, it cannot access the network share. However, if I connect to the remote machine using Remote Desktop and manually launch the backend process, access to the network share succeeds. The user specifed in the WMI call and the user logged in for the Remote Desktop session are the same, so the permissions should be the same, shouldn't they? I see in the MSDN entry for Directory.Exists() it states "The Exists method does not perform network authentication. If you query an existing network share without being pre-authenticated, the Exists method will return false." I assume this is related? How can I ensure the user is authenticated correctly in a WMI session? ConnectionOptions opts = new ConnectionOptions(); opts.Username = username; opts.Password = password; ManagementPath path = new ManagementPath(string.Format("\\\\{0}\\root\\cimv2:Win32_Process", remoteHost)); ManagementScope scope = new ManagementScope(path, opts); scope.Connect(); ObjectGetOptions getOpts = new ObjectGetOptions(); using (ManagementClass mngClass = new ManagementClass(scope, path, getOpts)) { ManagementBaseObject inParams = mngClass.GetMethodParameters("Create"); inParams["CommandLine"] = commandLine; ManagementBaseObject outParams = mngClass.InvokeMethod("Create", inParams, null); }

  Read the article

• Password Confirmation Overlay

  - by Alasdair

  Hello, I'm creating a J2EE web application that uses jQuery and Ajax to help with some of the presentation for a user-friendly interface. I've done a lot of work ensuring security around persistant login cookies, and I've decided to request the password from any user that logged in using a persistant login cookie before being allowed to make any changes that could be malicious. This request would only happen once to confirm the user is who they say they are and will last throughout the session. At present, any requests that meet this criteria has their request information stored in session and then the user is forwarded to a page to confirm their password. Once confirmed, the user's original request is then performed and the requestion information removed from session. What I would like to do is avoid all this redirection and minimize what's held in session (even if it's just for a small time), thus improving usability and convenience for the user. I believe that a jQuery overlay could allow me to prompt the user for their password (if required) and then continue to submit the request if successful. I would of originally used ThickBox, but since that's now deprecated I don't see the benefit in implementing it in an application at this development stage. However, I have tried to create an overlay using jQuery but I've scrapped every attempt as I can't seem to make it all come together. My main problem is preventing the submission when the user incorrectly types a password or cancels the overlay. Desired Flow Persistant Login Sensitive Page Submit Password Confirmation Overlay [Continue Submit | (Cancel | Incorrect] I have already created JavaScript code to encrypt the password to be sent in a parameter, but all I need now is a method of controlling the overlay and how best to use Ajax for this purpose. Please ignore the fact that this is a J2EE web application when answering as it is irrelevant really. Thanks in advance, Alasdair

  Read the article

• partial entity loading and management in silverlight / wcf ria

  - by Dan Wray

  I have a Silverlight 4 app which pulls entities down from a database using WCF RIA services. These data objects are fairly simple, just a few fields but one of those fields contains binary data of an arbitrarily size. The application needs access to this data basically asap after a user has logged in, to display in a list, enable selection etc. My problem is because of the size of this data, the load times are not acceptable and can approach the default timeout of the RIA service. I'd like to somehow partially load the objects into my local data context so that I have the IDs, names etc but not the binary data. I could then at a later point (ie when it's actually needed) populate the binary fields of those objects I need to display. Any suggestions on how to accomplish this would be welcome. Another approach which has occurred to me whilst writing this question (how often does that happen?!) is that I could move the binary data into a seperate database table joined to the original record 1:1 which would allow me to make use of RIA's lazy loading on that binary data. again.. comments welcome! Thanks.

  Read the article

• Validate domain against LDAP?

  - by lucian.jp

  I have a procedure to get the name of the logged user show on the site. I get it this way : var winIdentity = (WindowsIdentity) HttpContext.Current.User.Identity; if (winIdentity != null) { string domainUser = winIdentity.Name.Replace(@"\", "/"); string domain = winIdentity.Name.Split('\\')[0]; string user = winIdentity.Name.Split('\\')[1]; var myDe = new DirectoryEntry(ConfigurationManager.ConnectionStrings["LDAP"].ConnectionString, ConfigurationManager.AppSettings["LDAPCredentials"].Split(';')[0], ConfigurationManager.AppSettings["LDAPCredentials"].Split(';')[1]); var deSearcher = new DirectorySearcher(myDe) {Filter = "(&(sAMAccountName=" + user + "))"}; SearchResult result = deSearcher.FindOne(); if (result != null) { DirectoryEntry userDe = result.GetDirectoryEntry(); lblNameAD.Text = string.Format(lblNameAD.Text, userDe.Properties["givenName"].Value, userDe.Properties["sn"].Value); } else { var adEntry = new DirectoryEntry("WinNT://" + domainUser); string fullname = adEntry.Properties["FullName"].Value.ToString(); lblNameAD.Text = string.Format(lblNameAD.Text, !string.IsNullOrEmpty(fullname) ? fullname : user, null); } } Probleme id that if I have a local useraccount with the same username that one from LDAP, it passes the check and return the name. EX: local\MyUser domain\MyUser Both return the name from AD even if the one from local isn't a domain account. It would be perfect if I could search in LDAP for domainuser, but it seems I can't. I also tried to restrict the DC with the DirectorySearcher but the domain name is "domain", but I only have "dc=dom" and "dc=com" and no DC for full domain name.

  Read the article

• Fix an external dependency of a ruby gem

  - by Patrick Daryll Glandien

  I am currently trying to install the gem nfoiled, which provides a ruby interface to ncurses. I do this by using gem install elliottcable-nfoiled as suggest in the README. Downloading it manually from the github repository and then installing it with rake install doesn't work because of a problem with the echoe-gem, thus I am bound to use the normal way. Unfortunately it depends on the gem ncurses-0.9.1 which is only compatible with ruby 1.8, and thus I can't install nfoiled either (since it always tries to compile ncurses-0.9.1 first): novavortex:/usr/src# gem install elliottcable-nfoiled Building native extensions. This could take a while... ... form_wrap.c: In function `rbncurs_m_new_form': form_wrap.c:395: error: `struct RArray' has no member named `len' form_wrap.c: In function `rbncurs_c_set_field_type': form_wrap.c:619: error: `struct RArray' has no member named `len' form_wrap.c: In function `rbncurs_c_set_form_fields': form_wrap.c:778: error: `struct RArray' has no member named `len' form_wrap.c: In function `make_arg': form_wrap.c:1126: error: `struct RArray' has no member named `len' make: *** [form_wrap.o] Error 1 Gem files will remain installed in /usr/local/lib/ruby/gems/1.9.1/gems/ncurses-0.9.1 for inspection. Results logged to /usr/local/lib/ruby/gems/1.9.1/gems/ncurses-0.9.1/gem_make.out novavortex:/usr/src# I managed to fix the problem in ncurses-0.9.1 (by replacing RARRAY(x)-len with RARRAY_LEN(x)) and to install it, but nfoiled still always tries to recompile it from a freshly downloaded source. How can I install nfoiled without having it recompile ncurses first?

  Read the article

• Client-Side Dynamic Removal of <script> Tags in <head>

  - by merv

  Is it possible to remove script tags in the <head> of an HTML document client-side and prior to execution of those tags? On the server-side I am able to insert a <script> above all other <script> tags in the <head>, except one, and I would like to be able to remove all subsequent scripts. I do not have the ability to remove <script> tags from the server side. What I've tried: (function (c,h) { var i, s = h.getElementsByTagName('script'); c.log("Num scripts: " + s.length); i = s.length - 1; while(i > 1) { h.removeChild(s[i]); i -= 1; } })(console, document.head); However, the logged number of scripts comes out to only 1, since (as @ryan pointed out) the code is being executed prior to the DOM being ready. Although wrapping the code above in a document.ready event callback does enable proper calculation of the number of <script> tags in the <head>, waiting until the DOM is ready fails to prevent the scripts from loading. Is there a reliable means of manipulating the HTML prior to the DOM being ready? Background If you want more context, this is part of an attempt to consolidate scripts where no option for server-side aggregation is available. Many of the JS libraries being loaded are from a CMS with limited configuration options. The content is mostly static, so there is very little concern about manually aggregating the JavaScript and serving it from a different location. Any suggestions for alternative applicable aggregation techniques would also be welcome.

  Read the article

• How do you program a windows service in C# to start an application for a user?

  - by Swoop

  Is it possible to start a program so that it is available to a user with a windows service? I have been working with the Process.Start() in C#. I can get the service to kickoff some sort of process that appears in the Task Manager list under processes. However, the program nevers appears on the screen. By default, it runs under the user name "SYSTEM". I have adjusted the "Log On" option in the service manager to match the person logged into the computer, but this does not cause a window to appear either. I feel like I am either missing a simple setting, or need to take a different direction for this. Below is the code I have been working with to start up Firefox as a test app. private void startRunDap() { ProcessStartInfo startInfo = new ProcessStartInfo(); startInfo.FileName = "Firefox"; startInfo.WindowStyle = ProcessWindowStyle.Normal; startInfo.UseShellExecute = true; Process.Start(startInfo); //Process.Start("Firefox"); }

  Read the article

• How best to implement "favourites" feature? (like favourite products on a data driven website)

  - by ClarkeyBoy

  Hi, I have written a dynamic database driven, object oriented website with an administration frontend etc etc. I would like to add a feature where customers can save items as "favourites", without having to create an account and login, to come back to them later, but I dont know how exactly to go about doing this... I see three options: Log favourites based on IP address and then change these to be logged against an account if the customer then creates an account; Force customers to create an account to be able to use this functionality; Log favourites based on IP address but give users the option to save their favourites under a name they specify. The problem with option 1 is that I dont know much about IP addresses - my Dad thinks they are unique, but I know people have had problems with systems like this. The problem with 1 and 2 is that accounts have not been opened up to customers yet - only administrators can log in at the moment. It should be easy to alter this (no more than a morning or afternoons work) but I would also have to implement usergroups too. The problem with option 3 is that if user A saves a favourites list called "My Favourites", and then user B tries to save a list under this name and it is refused, user B will then be able to access the list saved by user A because they now know it already exists. A solution to this is to password protect lists, but to go to all this effort I may as well implement option 2. Of course I could always use option 4; use an alternative if anyone can suggest a better solution than any of the above options. So has anyone ever done something like this before? If so how did you go about it? What do you recommend (or not recommend)? Many thanks in advance, Regards, Richard

  Read the article

• Is a GWT app running on Google App Engine protected from CSRF

  - by gerdemb

  I'm developing a GWT app running on the Google App Engine and wondering if I need to worry about Cross-site request forgery or is that automatically taken care of for me? For every RPC request that requires authentication, I have the following code: public class BookServiceImpl extends RemoteServiceServlet implements BookService { public void deleteInventory(Key<Inventory> inventoryKey) throws NotLoggedInException, InvalidStateException, NotFoundException { DAO dao = new DAO(); // This will throw NotLoggedInException if user is not logged in User user = dao.getCurrentUser(); // Do deletion here } } public final class DAO extends DAOBase { public User getCurrentUser() throws NotLoggedInException { currentUser = UserServiceFactory.getUserService().getCurrentUser(); if(currentUser == null) { throw new NotLoggedInException(); } return currentUser; } I couldn't find any documentation on how the UserService checks authentication. Is it enough to rely on the code above or do I need to to more? I'm a beginner at this, but from what I understand to avoid CSRF attacks some of the strategies are: adding an authentication token in the request payload instead of just checking a cookie checking the HTTP Referer header I can see that I have cookies set from Google with what look like SID values, but I can't tell from the serialized Java objects in the payloads if tokens are being passed or not. I also don't know if the Referer header is being used or not. So, am I worrying about a non-issue? If not, what is the best strategy here? This is a common enough problem, that there must be standard solutions out there...

  Read the article

• How to set permissions or alter a git commit process when using local repositories

  - by Tony

  I have a server that contains a central git repository and one of my co-worker's development environment. My co-worker's repository's origin is the central git repository and he pushes there when he has some code to share. Likewise, I develop locally and push to the central git repository when I have some code to share, so my repository's origin is also the central git repository. The issue is that I have the central git repository under a "git" user's home directory. So when I push I am actually SSH'ing into the the server as the "git" user. To be even more clear, my config has these lines: $ more .git/config [remote "origin"] fetch = +refs/heads/*:refs/remotes/origin/* url = [email protected]:fsg [branch "master"] remote = origin merge = refs/heads/master When I push, git handles this SSH + push seamlessly with I am guessing some sort of git shell. The issue is that when my coworker pushes, he is logged in as himself for a user and gets a bunch of crazy permission errors. Is there a typical way to solve this problem without opening up git's directories to a group? I think this will be problematic when I push and therefore overwrite the the repository and those permissions are reset. Thanks!

  Read the article

• Change flash src with jquery?

  - by Elliott

  Hi I have a flash menu showing a few links, but when the user is logged in I want to change the menu from menu1 to menu2 ... so that it will display "My Account" rather than "Signup" The code below is for my flash: <div id="menu"> <object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="825" height="69" id="menu1" align="middle"> <param name="allowScriptAccess" value="sameDomain" /> <param name="allowFullScreen" value="false" /> <param name="movie" value="menu1.swf" /><param name="quality" value="high" /><param name="wmode" value="transparent" /><param name="bgcolor" value="#ffffff" /> <embed src="menu1.swf" quality="high" wmode="transparent" bgcolor="#ffffff" width="825" height="69" name="menu1" align="middle" allowScriptAccess="sameDomain" allowFullScreen="false" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" /> </object> </div> Php: if (loggedin()) { echo '<script type="text/javascript"> CHANGE FLASH LINK HERE </script>'; } Could this be done without having to write all the above code out again? Thanks :)

  Read the article

• A way to enable a LaunchDaemon to output sound?

  - by Varun Mehta

  I have a small Foundation application that checks a website and plays a sound if it sees a certain value. This application successfully plays a sound when I run it as my user from the Terminal. I've configured this app to run as a LaunchDaemon, with the following plist: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>org.myorg.appidentifier</string> <key>ProgramArguments</key> <array> <string>/Users/varunm/path/to/cli/application</string> </array> <key>KeepAlive</key> <true/> <key>RunAtLoad</key> <true/> </dict> </plist> When I have this service launched I can see it successfully read in and log values from the website, but it never generates any sound. The sound files are located in the same directory as the binary, and I use the following code: NSSound *soundToPlay = [[NSSound alloc] initWithContentsOfFile:@"sound.wav" byReference:NO]; [soundToPlay setDelegate:stopper]; [soundToPlay play]; while (g_keepRunning) { [[NSRunLoop currentRunLoop] runUntilDate:[NSDate dateWithTimeIntervalSinceNow:1.0]]; } [soundToPlay setCurrentTime:0.0]; Is there any way to get my LaunchDaemon application to play sound? This machine gets run by different people, and sometimes has no one logged in, which is why I have to configure it as a LaunchDaemon.

  Read the article

• Sending basic authentication information via form

  - by VolatileStorm

  I am working on a site that currently uses a basic authentication dialog box login system, that is the type of dialog that you get if you go here: http://www.dur.ac.uk/vm.boatclub/password/index.php I did not set this system up and am not in a position to easily/quickly work around it, but it DOES work. The issue however is that the dialog box is not very helpful in telling you what login information you have to use (that is which username and password combination), and so I would like to replace it with a form. I had been thinking that this wasn't possible but I wanted to ask in order to find out. Is it possible to set up an HTML form that sends the data to the server such that it accepts it in the same way that it would using this dialog box? Alternatively is it possible to set up a PHP script that would take normal form data and process it somehow passing it to the server such that it logs in? Edit: After being told that this is basic authentication I went around and have managed to find a way that works and keeps the user persistently logged in. However, this does not work in internet explorer. The solution was simply to redirect the user to: http://username:[email protected]/vm.boatclub/password/index.php But Internet Explorer removed it due to phishing uses about 3 years ago. Is there a way to use javascript to get the browser to access the site in this way? Or will I have to simply change my UI?

  Read the article

• .NET 4.0 Forms Authentication change?

  - by James Koch

  I'm seeing some new behavior in Forms Authentication after upgrading to .NET 4.0. This occurs only on IIS 6, not on 7. Background - In web.config, we configure Forms Authentication, and then use <authorization tags to globally deny anonymous/unauthenticated users access. Then we explicitly allow access to a login.aspx page using a <location tag. Generally, this works fine, as it did when we were on .NET 2.0 (3.5). The issue only occurs when we visit the root path of the site, ie "http://myserver/". Our default document is configured in IIS to be login.aspx. Under .NET 4.0, upon visiting that URL, we're redirected to "http://myserver/login.aspx?ReturnUrl=/". If you log in from here, you're logged in and returned back at the log in page (yuck). Just wanted to post this here to see if anyone else is experiencing this. It's not listed on any "breaking changes" documentation I've been able to find. Either I'm missing something, or the UrlAuthorization module has changed and is no longer "smart" about IIS default documents.

  Read the article

• PhpBB3: adding background to specific php generated text input without affecting the other text inputs

  - by user1780055

  I have created a custom PhpBB3 style and desperately since a few hours tried to add a background image to a specific comment text area. With firebug I checked if the comment text area had a class and it does, so I tried some css variations and finally tried: sn-inputComment { background: url("{T_THEME_PATH}/images/pencil.png") repeat-x left top #FFFFFF;} { I also tried to find and manipulate the php generated text area but no success. Non of my methods worked. I will provide you all with a tinylink url to my forum with a test user and password access. User: test Password: 123456 url: http://tinyurl.com/9yqpxdb Now when you are logged in you should be redirected to the correct url and you will see a a few text boxes with "Write a comment...". I would be very happy if you could tell me what I did wrong, why im not able to add a background to the text input without having my search boxes and "what is on your mind box" affected. I appreciate your time and hope that this can be somehow solved. Sincerely, Daniel

  Read the article

• Can't install do_mysql gem?

  - by maccy1

  I'm trying to install the do_mysql on my Snow Leopord system Macbook Pro 13", but I keep getting this error: n216-160:~ myself$ sudo gem1.9 install do_mysql Password: Building native extensions. This could take a while... ERROR: Error installing do_mysql: ERROR: Failed to build gem native extension. /opt/local/bin/ruby1.9 extconf.rb checking for mysql_query() in -lmysqlclient... no *** extconf.rb failed *** Could not create Makefile due to some reason, probably lack of necessary libraries and/or headers. Check the mkmf.log file for more details. You may need configuration options. Provided configuration options: --with-opt-dir --without-opt-dir --with-opt-include --without-opt-include=${opt-dir}/include --with-opt-lib --without-opt-lib=${opt-dir}/lib --with-make-prog --without-make-prog --srcdir=. --curdir --ruby=/opt/local/bin/ruby1.9 --with-mysql-config --without-mysql-config --with-mysql-dir --without-mysql-dir --with-mysql-include --without-mysql-include=${mysql-dir}/include --with-mysql-lib --without-mysql-lib=${mysql-dir}/lib --with-mysqlclientlib --without-mysqlclientlib Gem files will remain installed in /opt/local/lib/ruby1.9/gems/1.9.1/gems/do_mysql-0.10.0 for inspection. Results logged to /opt/local/lib/ruby1.9/gems/1.9.1/gems/do_mysql-0.10.0/ext/do_mysql_ext/gem_make.out n216-160:~ myself$ I have no idea why. I also reinstalled my verison of MySQL with the MySQL 5.4.3 beta, 64-bit as others suggested but no dice. Does anyone have any idea what is wrong?

  Read the article

< Previous Page | 128 129 130 131 132 133 134 135 136 137 138 139  | Next Page >